Security News > 2020 > September > NSA Issues Cybersecurity Guidance for Remote Workers, System Admins
The National Security Agency has published two cybersecurity information sheets with recommendations for National Security System and Department of Defense workers and system administrators on securing networks and responding to incidents during the work-from-home period.
Recommended steps to mitigate the compromise, the NSA says, include rebooting and resetting routers, disabling their remote administration functionality and updating the firmware; disconnecting infected machines from the network, resetting passwords on a different device and running anti-malware software; and removing ransomware infections and restoring a previously backed-up good state.
The NSA's second CSI, which is titled Performing Out-of-Band Network Management, provides system admins information on how to isolate management traffic from operational traffic to ensure that a compromised device or malicious traffic won't affect network operations or compromise network infrastructure.
"OoB management creates a framework that enables administrators to improve the security of their networks by segmenting management traffic from operational traffic, and ensuring that management traffic only comes from the OoB communication path," the NSA explains.
The NSA recommends using encryption protocols and strong encryption algorithms and key sizes, managing devices using strong virtual private networks only, hardening network management devices, continuously monitoring the network and reviewing logs, and establishing a configuration review and check-in process, which will allow easily identifying malicious changes.